Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/1_SzZyq2obXjdTzemeJppGfjRxE.roa
File: 1_SzZyq2obXjdTzemeJppGfjRxE.roa (raw, json)
Hash identifier: LHDx4hdCnh61MdXiRXc5naL2lsnf5IHvU0LYvAEiOt4=
Subject key identifier: D7:F4:B3:67:2A:B6:A1:B5:E3:75:3C:DE:99:E2:69:A4:67:E3:47:11
Certificate issuer: /CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Certificate serial: 018CC5DC87079562F212BBE67D198C49250A
Authority key identifier: 38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/1_SzZyq2obXjdTzemeJppGfjRxE.roa
Signing time: Mon 01 Jan 2024 16:30:13 +0000
ROA not before: Mon 01 Jan 2024 16:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62027
IP address blocks: 185.97.134.0/24 maxlen: 24
185.97.135.0/24 maxlen: 24
2a00:cee5::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:87:07:95:62:f2:12:bb:e6:7d:19:8c:49:25:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38ca3f38d8e5a301eaf6924b924fe8f57aac690d
Validity
Not Before: Jan 1 16:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7f4b3672ab6a1b5e3753cde99e269a467e34711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e9:da:47:8a:14:34:ff:f5:4c:a3:38:ac:b8:
64:3f:8d:f4:b9:16:bd:83:88:89:19:e9:4f:61:2b:
6a:2c:c9:d9:d0:a4:2f:d6:0e:bd:09:fd:32:3a:00:
dd:ed:c2:0b:77:bc:a3:a9:3b:7f:f7:cf:63:98:c4:
0f:08:c6:2a:cc:fb:d9:32:06:af:01:a5:34:fa:b6:
43:4c:47:2d:f1:ae:2a:3d:32:62:eb:2e:63:ce:18:
60:19:f7:1b:96:89:50:4e:9f:44:a2:61:b9:39:e2:
58:ee:da:03:3a:c4:4b:97:f6:be:8c:74:ab:12:74:
71:32:88:d5:12:af:76:66:8a:fa:3c:e1:05:42:8a:
4a:8c:b1:dc:27:ab:20:67:d1:f4:2f:71:b2:63:cf:
9a:55:d9:35:83:26:60:22:e7:52:6d:5c:ff:4b:2b:
6b:36:44:92:89:41:f3:e2:61:df:9c:ed:f3:d3:5a:
fc:0e:de:9d:09:80:ac:d1:a7:35:d0:c3:0f:53:b5:
2e:2d:8c:f7:dc:bd:37:b0:1a:c5:87:41:7e:ad:f9:
2d:0b:25:3f:08:22:b3:62:d4:13:08:04:95:b9:9b:
27:3b:13:2f:85:6d:05:46:29:c9:0f:f0:a9:49:65:
a7:e3:85:6e:d2:8f:21:20:e2:05:c9:df:64:3c:90:
b6:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:F4:B3:67:2A:B6:A1:B5:E3:75:3C:DE:99:E2:69:A4:67:E3:47:11
X509v3 Authority Key Identifier:
keyid:38:CA:3F:38:D8:E5:A3:01:EA:F6:92:4B:92:4F:E8:F5:7A:AC:69:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OMo_ONjlowHq9pJLkk_o9XqsaQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/1_SzZyq2obXjdTzemeJppGfjRxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/ba6755-4273-48e1-8582-712fa65a25ba/1/OMo_ONjlowHq9pJLkk_o9XqsaQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.97.134.0/23
IPv6:
2a00:cee5::/32
Signature Algorithm: sha256WithRSAEncryption
2d:b8:28:81:13:4c:55:82:2e:e9:e5:0c:30:12:26:51:e7:cb:
5d:94:fc:7e:72:ae:b0:18:05:19:b7:b9:01:cc:de:59:19:52:
b1:77:a8:9c:7e:83:9d:0b:2c:69:1d:02:db:33:01:05:4e:fc:
e8:e4:c8:8f:f4:af:ae:20:79:79:45:98:45:fc:53:a0:74:8f:
24:4d:0a:3f:41:be:b5:11:64:1d:83:25:35:6a:99:b7:30:a7:
6c:ff:c5:d8:10:8a:97:ad:89:d6:a0:36:a6:24:7a:72:d7:d7:
e4:49:69:76:6b:80:9e:9d:7b:08:9c:56:65:a0:36:ee:09:d2:
21:ab:bf:8d:cc:5e:86:af:dc:97:7a:a6:09:e9:37:76:6d:f4:
cf:75:7a:97:4d:74:8e:78:7c:dd:70:a8:26:b2:98:90:8c:ec:
78:c0:5f:2c:07:85:f3:5f:b2:35:62:4a:ad:27:a9:28:83:2f:
c2:61:d2:29:86:05:85:0d:24:76:71:72:e3:bf:21:a8:80:b4:
2b:17:bc:ae:82:6f:4b:62:28:ff:52:f5:ca:f2:16:01:0a:42:
69:ab:0f:f7:20:88:de:ed:f8:b6:77:63:4b:1a:b1:86:9c:32:
a3:9e:85:7d:2e:df:06:1a:92:67:03:d7:2f:2f:cd:08:f3:be:
e9:4f:88:3c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3IcHlWLyErvmfRmMSSUKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4Y2EzZjM4ZDhlNWEzMDFlYWY2OTI0YjkyNGZlOGY1N2Fh
YzY5MGQwHhcNMjQwMTAxMTYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2Y0YjM2NzJhYjZhMWI1ZTM3NTNjZGU5OWUyNjlhNDY3ZTM0NzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmunaR4oUNP/1TKM4rLhkP430uRa9
g4iJGelPYStqLMnZ0KQv1g69Cf0yOgDd7cILd7yjqTt/989jmMQPCMYqzPvZMgav
AaU0+rZDTEct8a4qPTJi6y5jzhhgGfcblolQTp9EomG5OeJY7toDOsRLl/a+jHSr
EnRxMojVEq92Zor6POEFQopKjLHcJ6sgZ9H0L3GyY8+aVdk1gyZgIudSbVz/Sytr
NkSSiUHz4mHfnO3z01r8Dt6dCYCs0ac10MMPU7UuLYz33L03sBrFh0F+rfktCyU/
CCKzYtQTCASVuZsnOxMvhW0FRinJD/CpSWWn44Vu0o8hIOIFyd9kPJC2vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNf0s2cqtqG143U83pniaaRn40cRMB8GA1UdIwQY
MBaAFDjKPzjY5aMB6vaSS5JP6PV6rGkNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODIt
NzEyZmE2NWEyNWJhLzEvMV9Telp5cTJvYlhqZFR6ZW1lSnBwR2ZqUnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iYTY3NTUtNDI3My00OGUxLTg1ODItNzEyZmE2NWEyNWJh
LzEvT01vX09Oamxvd0hxOXBKTGtrX285WHFzYVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuWGGMA0E
AgACMAcDBQAqAM7lMA0GCSqGSIb3DQEBCwUAA4IBAQAtuCiBE0xVgi7p5QwwEiZR
58tdlPx+cq6wGAUZt7kBzN5ZGVKxd6icfoOdCyxpHQLbMwEFTvzo5MiP9K+uIHl5
RZhF/FOgdI8kTQo/Qb61EWQdgyU1apm3MKds/8XYEIqXrYnWoDamJHpy19fkSWl2
a4CenXsInFZloDbuCdIhq7+NzF6Gr9yXeqYJ6Td2bfTPdXqXTXSOeHzdcKgmspiQ
jOx4wF8sB4XzX7I1YkqtJ6kogy/CYdIphgWFDSR2cXLjvyGogLQrF7yugm9LYij/
UvXK8hYBCkJpqw/3IIje7fi2d2NLGrGGnDKjnoV9Lt8GGpJnA9cvL80I877pT4g8
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:24:31 2025 by rpki-client